Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LyH7eZafG3LW32XYUUvFfVXZXII.roa
File: LyH7eZafG3LW32XYUUvFfVXZXII.roa (raw, json)
Hash identifier: aHCz/FsvLZekw4fvTK2mXF1GOxYnlj083hBTpmTvvVg=
Subject key identifier: 2F:21:FB:79:96:9F:1B:72:D6:DF:65:D8:51:4B:C5:7D:55:D9:5C:82
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01823B7FC149CDAF12D9A77B44EACC8A1D37
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LyH7eZafG3LW32XYUUvFfVXZXII.roa
Signing time: Tue 26 Jul 2022 17:13:24 +0000
ROA not before: Tue 26 Jul 2022 17:13:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 45.84.0.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3b:7f:c1:49:cd:af:12:d9:a7:7b:44:ea:cc:8a:1d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jul 26 17:13:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f21fb79969f1b72d6df65d8514bc57d55d95c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6a:5f:60:f4:4f:06:a4:e6:6a:14:d6:8a:28:
5d:f4:fc:47:2b:e7:34:f8:62:d2:d4:f0:e7:f8:96:
f8:d7:9f:8b:ea:11:00:aa:9c:44:ce:9b:2b:7b:d6:
94:5d:d4:5d:89:d5:b5:a3:ed:aa:c8:6d:79:04:4b:
11:6b:86:15:b7:3a:7a:1f:bc:be:53:5a:fc:c9:35:
84:62:fc:a5:18:4f:7b:4e:ea:c2:b9:1f:39:a2:63:
54:c5:68:1b:80:a3:76:6d:cb:39:1e:24:eb:a3:f9:
4a:cf:67:ee:17:68:75:5c:82:93:b3:62:19:d7:e7:
04:1c:e5:17:40:b7:b7:9f:b2:2e:6e:45:c0:49:56:
b5:3a:10:89:aa:47:28:10:32:30:e1:07:92:5b:b4:
28:73:97:73:64:35:28:7c:1a:eb:e0:3e:0d:84:38:
7e:58:a3:fb:72:74:31:18:6f:eb:1c:23:9b:17:c6:
12:05:1c:7c:12:3f:3c:6d:b6:cf:cd:1c:e1:82:55:
9d:79:57:a1:90:2e:31:92:29:42:36:79:bc:a4:24:
89:73:d0:2c:33:39:32:0d:26:1a:06:dd:20:51:6d:
a9:07:60:e1:8f:ac:35:e1:1b:64:c9:55:34:6c:3c:
1a:be:d7:a5:0d:57:45:60:77:05:4f:9a:c7:0a:5a:
b1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:21:FB:79:96:9F:1B:72:D6:DF:65:D8:51:4B:C5:7D:55:D9:5C:82
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/LyH7eZafG3LW32XYUUvFfVXZXII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.39.0/24
45.84.0.0/24
45.159.248.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:09:9f:2a:0e:84:b0:27:fb:7b:17:dc:47:50:77:e8:75:7b:
33:15:3e:aa:95:db:a2:bf:7f:63:29:00:db:74:51:e6:de:1d:
0e:38:34:77:0e:dc:c0:b6:0d:f3:9c:85:62:30:35:b4:81:b5:
f5:a7:a2:12:4c:d6:ef:41:5c:f1:6a:79:8f:69:10:0c:3d:22:
0b:26:d1:95:64:0c:43:0b:9a:97:23:8b:82:fc:62:0d:68:f6:
20:cd:ef:ba:66:94:63:bf:d0:a4:b1:e8:7c:86:f5:ba:f1:e3:
c1:e2:1c:e9:29:0a:f9:7a:bd:b6:8f:60:e2:ae:1e:6c:43:fa:
39:e3:a8:3b:2a:c1:55:8f:ba:c1:54:eb:57:27:ba:ec:b9:a3:
63:09:bd:89:83:e0:a5:cc:c6:9b:58:d2:a3:31:d6:c7:de:25:
fa:7d:db:79:ab:70:e7:ac:7d:8b:52:cd:63:d7:06:04:e2:f0:
f0:07:b9:ee:ea:72:a5:8d:f4:fe:02:06:0d:af:be:68:39:0b:
26:87:e7:85:78:75:48:6b:e4:95:2a:8d:f1:85:81:b2:4f:df:
a3:b8:01:75:c0:63:c5:ca:c5:9d:f7:81:6e:28:fa:77:88:58:
fc:37:02:c6:aa:16:1f:ae:0b:be:4e:ee:43:df:83:e7:6a:9c:
83:50:74:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYI7f8FJza8S2ad7ROrMih03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIwNzI2MTcxMzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIxZmI3OTk2OWYxYjcyZDZkZjY1ZDg1MTRiYzU3ZDU1ZDk1YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmpfYPRPBqTmahTWiihd9PxHK+c0
+GLS1PDn+Jb415+L6hEAqpxEzpsre9aUXdRdidW1o+2qyG15BEsRa4YVtzp6H7y+
U1r8yTWEYvylGE97TurCuR85omNUxWgbgKN2bcs5HiTro/lKz2fuF2h1XIKTs2IZ
1+cEHOUXQLe3n7IubkXASVa1OhCJqkcoEDIw4QeSW7Qoc5dzZDUofBrr4D4NhDh+
WKP7cnQxGG/rHCObF8YSBRx8Ej88bbbPzRzhglWdeVehkC4xkilCNnm8pCSJc9As
MzkyDSYaBt0gUW2pB2Dhj6w14RtkyVU0bDwavtelDVdFYHcFT5rHClqxFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC8h+3mWnxty1t9l2FFLxX1V2VyCMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTHlIN2VaYWZHM0xXMzJYWVVVdkZmVlhaWElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbYnAwQA
LVQAAwQALZ/4MA0GCSqGSIb3DQEBCwUAA4IBAQA+CZ8qDoSwJ/t7F9xHUHfodXsz
FT6qlduiv39jKQDbdFHm3h0OODR3DtzAtg3znIViMDW0gbX1p6ISTNbvQVzxanmP
aRAMPSILJtGVZAxDC5qXI4uC/GINaPYgze+6ZpRjv9Ckseh8hvW68ePB4hzpKQr5
er22j2Dirh5sQ/o546g7KsFVj7rBVOtXJ7rsuaNjCb2Jg+ClzMabWNKjMdbH3iX6
fdt5q3DnrH2LUs1j1wYE4vDwB7nu6nKljfT+AgYNr75oOQsmh+eFeHVIa+SVKo3x
hYGyT9+juAF1wGPFysWd94FuKPp3iFj8NwLGqhYfrgu+Tu5D34PnapyDUHS0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org